NBK Wealth is a world-class wealth management group and part of the NBK Group - one of the Middle East's largest financial institutions. We offer holistic solutions that aim to protect and grow our client's wealth and strive towards having a positive impact and building legacies for our clients and generations to come. We follow a holistic client-centric approach to deeply understand our clients’ needs to offer the best solutions.

Job Summary:

We're looking for an experienced Information Security Manager to join our Risk Management team. Your role is pivotal in ensuring compliance with regulations, group and industry standards while managing our information security policies and procedures.

Key Responsibilities:

• Develop and maintain information security policies, standards, and procedures.
• Conduct risk assessments and coordinate security management efforts.
• Monitor and respond to security incidents, ensuring proper documentation and follow-up.
• Manage internal and external security audits and reviews.
• Support budgeting and planning for information security requirements.
• Drive the development of security measures to meet evolving needs.
• Provide training to minimize security risks.
• Collaborate with stakeholders to align security with business objectives.
• Stay updated on industry trends and threats to enhance our security posture.
• Provide regular updates to senior management on security initiatives.
• Build & orchestrate security plans aligned with business and Group Information Security strategy for digital initiatives.
• Work with Cloud Security in AWS, Azure, Google or other for the defining and designing the security controls for business solutions in cloud environment.
• Work with developers and system architects on deployments to diagnose, document, and remediate deviations from security standards.
• Determine security requirements by evaluating business strategies and requirements for cloud-based solutions.
• Contribute to the evaluation, recommendation, and implementation of cloud security controls in line with emerging cloud technologies and practices across group entities.
• Maintains security by ensuring compliance to standards, policies, and procedures set out by the GISO.
• Experience with development and implementation of a comprehensive and broad set of security controls for cloud infrastructure and DevOps.
• Perform compliance reviews & assessments to identify security gaps and works with different teams and the group's information security to resolve them.
• Prepares security reports by collecting, analyzing, and summarizing data and trends.
• Conducts incident response analyses.
• Coordinate with Group Digital Security team for ensuring alignment to Group security standards.
• Participate in Agile project meetings and provide security feedback after discussing with Group CISO.
• Ability to perform security assessment of application, vendor, cloud, and third-party assessment.

Qualifications:

• Bachelor’s degree in information security, Computer Science, or related field.
• Professional Qualifications like CISA, CISM, CISSP, ISO27001 required.
• Cloud certifications like AWS Certified Cloud Practitioner, Certificate of Cloud Security Knowledge, Azure fundamentals, SANS Cloud Security Essentials etc.
• Minimum of 5 years of experience in Information Security Governance roles in the Financial Services sector.
• Relevant skills include an understanding of business/technology risk, thought leadership in designing and executing cloud / technology controls that mitigate those risks, and ability to keep up-to date with the latest technologies and potential cyber-threats.
• Sound understanding of application architecture and application workflow to identify security risks.
• Project Management skills.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.

Only applicants meeting the strict criteria outlined above will be contacted as part of the shortlisting process.